<?php
	$root = $_SERVER['DOCUMENT_ROOT'];
	include($root . "/util/session.php");
	include($root . "/util/privilege_check.php");
	checkPrivilege("admin");

	if($_SERVER["REQUEST_METHOD"] == "POST"){
		$degreeID=mysqli_real_escape_string($db,$_POST['degreeID']);
		$subjectID=mysqli_real_escape_string($db,$_POST['subjectID']);
		$sql_query="select * from subjects where degreeID = '$degreeID' and subjectID='$subjectID'";
		$result=mysqli_query($db,$sql_query);
		//check if user exists
		if(mysqli_num_rows($result) == 0){
			$error="Subject in that degree doesn't exist";
		}
		else{
			$description=mysqli_real_escape_string($db,$_POST['description']);
			$subjectID=mysqli_real_escape_string($db,$_POST['subjectID']);
			$subjectName=mysqli_real_escape_string($db,$_POST['subjectName']);
			$description=mysqli_real_escape_string($db,$_POST['description']);
			$coordinator=mysqli_real_escape_string($db,$_POST['coordinatorID']);
			$sql_query="UPDATE subjects SET subjectName = '$subjectName', description = '$description', coordinatorID='$coordinator' where subjectID='$subjectID' and degreeID='$degreeID'";
			$result=mysqli_query($db,$sql_query);
			if($result){
				header("Location: /admin/admin.php?msg=Subject Modified");
			}
		}
	}
	else{
		$degreeID=mysqli_real_escape_string($db,$_GET['degreeID']);
		$subjectID=mysqli_real_escape_string($db,$_GET['subjectID']);
		$query = "SELECT * FROM subjects where degreeID='$degreeID' and subjectID='$subjectID'";
		$result = mysqli_query($db,$query);
		if(mysqli_num_rows($result) == 0){
			$error = "No such degree";
			exit;
		}
		else{
			$row=mysqli_fetch_assoc($result);
		}
	}
?>
<html>
<head>
	<title>Modify a degree</title>
  	<link rel="stylesheet" type="text/css" href="adminStyle.css">
</head>
<body>
  	<?php
  	include($root . "/admin/header.php");
	?>
		<li><a href="/admin/subjectList.php?degreeID=<?php echo $row['degreeID']?>">Back</a></li>
	<form action="/admin/subjectMod.php" method="post" id="subjectForm">
		<label for="degreeID">ID of Degree subject belongs to:</label><br>
		<input type="text" id="degreeID" name="degreeID" value="<?php echo $row['degreeID']?>"><br>
		<label for="degreeID">ID of Subject to modify</label><br>
		<input type="text" id="subjectID" name="subjectID" value="<?php echo $row['subjectID']?>"><br>
		<label for="subjectName">New subject name:</label><br>
		<input type="text" id="subjectName" name="subjectName" value="<?php echo $row['subjectName']?>"><br>
		<label for="description">New description:</label><br>
		<textarea rows="4" cols="50" name="description" id="description" form="subjectForm"><?php echo $row['description']?></textarea><br>
		<label for="coordinatorID">Coordinator:</label><br>
		<select name="coordinatorID" id="coordinatorID" name="coordinatorID" form="subjectForm">
			<?php
				$tSQL="select * from users join user_info on users.username=user_info.login where usertype='teacher'";
				$tResult=mysqli_query($db,$tSQL);
				while($teacher=mysqli_fetch_assoc($tResult)){
					if($row['coordinatorID'] == $teacher['username']){
						echo '<option selected="" value="' . $teacher['username'] . '">' . $teacher['full_name'] . '</option>';
					}
					else{
						echo '<option value="' . $teacher['username'] . '">' . $teacher['full_name'] . '</option>';
					}
				}
			?>
		</select>
		<input type="submit" value="Submit">
	</form>
<div style = "font-size:11px; color:#cc0000; margin-top:10px"><?php if(isset($error)){echo $error;} ?></div>

	<?php
  	include($root . "/admin/footer.php");
	?>
</body>
</html>
